Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as... more +

Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as business associates have expanded data protection obligations and duties. Essentially, a business associate under HIPAA is a person or entity that performs certain functions or services which necessitates exposure to protected health information on behalf of a covered entity. Typical business associate functions include: claims processing or administration, data analysis, billing, etc.
less -

Even if your business is not in the health care industry, the Health Insurance Portability and Accountability Act of 1996 (HIPAA), as updated by the Health Information Technology for Economic and Clinical Health Act (HITECH...more

In 2013, we alerted you to the expansion of the definition of the term “business associate” under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Now, the Office of the National Coordinator for Health...more

The U.S. Department of Health and Human Services, Office for Civil Rights (OCR) recently transmitted HIPAA pre-audit screening surveys to covered entities that may be selected for a second phase of HIPAA compliance audits...more

If they have not already done so, covered entities and business associates have until September 23, 2014, to update their business associate agreements to comply with the January 2013 changes to the Health Insurance...more

As you may recall, new provisions of the HIPAA regulations went into effect on September 23, 2013. Included were new requirements for Business Associate (BA) Agreements. The new regulations, however, grandfathered certain...more

Covered entities and business associates have only until September 22, 2014 to update business associate agreements that were in place as of January 25, 2013. For those members of the health industry and their vendors that...more

Business Associate Agreements (BAAs), in the current regulatory and technological environment, require careful review and negotiation of the implementation of the regulatory requirements. In meeting the September 23, 2014...more

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) will soon begin a second phase of audits (Phase 2 Audits) of compliance with Health Insurance Portability and Accountability Act of 1996 (HIPAA)...more

The one-year transition rule expires on September 22, 2014.
The final regulations under the HIPAA Privacy, Security, and Enforcement Rules as amended by HITECH, make several changes, including modifying the...more

Under the recently enacted Health Information Technology for Economic and Clinical Health (HITECH) Act, and implementing regulations, the definition of the HIPAA term "Business Associate" has been expanded. A "Business...more

The HHS Office of Civil Rights (OCR) announced that the Health Information Technology (HIT) Policy Committee’s Privacy and Security Tiger Team will hold a virtual, public hearing on Monday, September 30 from 11:45 a.m. to...more

In 2009, the Health Information Technology for Economic and Clinical Health Act ("HITECH") modified a number of provisions of the Health Insurance Portability and Accountability Act ("HIPAA") to strengthen HIPAA's privacy and...more

If you sponsor a group health plan that is subject to the HIPAA Privacy and Security Rules, it is time to review and revise your policies and procedures and re-train your employees regarding the proper procedures when...more

For much of 2013, group health plan sponsors have been gearing up for the compliance challenges associated with the Affordable Care Act. There is no doubt that much of the planning, focus and energy trained on the next round...more

The Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) sets forth rules to protect the privacy and security of individuals’ health information that is held by “covered entities,” such as group health plans....more

A recently issued government rule may unknowingly create significant liability and legal risk for many technology enterprises. The expanded definition of "business associates" and related interpretations by the Department of...more

If you are a health care provider and/or someone who routinely performs work involving patient health information on behalf of a health care provider, you likely need to know about the HIPAA/HITECH Final Rule....more

In This Issue:
- Key Provisions In the Final Omnibus HIPAA/HITECH Rules and What They Mean for You
- NLRB and EEOC May Target Employer Efforts to Keep Employees Quiet During Internal Investigations
-...more

The HIPAA Omnibus Rule goes into effect today, which officially starts the clock for covered entities, business associates, and their subcontractors to begin updating their agreements, forms, policies, procedures, and...more

On January 25, 2013, the U.S. Department of Health and Human Services (HHS) published the highly anticipated Omnibus Rule, which makes extensive changes (as promulgated by the Health Information Technology for Economic and...more

The final rule implementing new obligations under HITECH and changing obligations under HIPAA is finally out. Covered entities and business associates need to come into compliance with these requirements by September 23,...more

On January 17, 2013, the U.S. Department of Health and Human Services (HHS) released final regulations under the Health Insurance Portability and Accountability Act (HIPAA), which implement changes made by the Health...more

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.